Dockerfile

Documentation: github.com/opencontainers/runc

     1ARG GO_VERSION=1.20
     2ARG BATS_VERSION=v1.9.0
     3ARG LIBSECCOMP_VERSION=2.5.4
     4
     5FROM golang:${GO_VERSION}-bullseye
     6ARG DEBIAN_FRONTEND=noninteractive
     7ARG CRIU_REPO=https://download.opensuse.org/repositories/devel:/tools:/criu/Debian_11
     8
     9RUN KEYFILE=/usr/share/keyrings/criu-repo-keyring.gpg; \
    10    wget -nv $CRIU_REPO/Release.key -O- | gpg --dearmor > "$KEYFILE" \
    11    && echo "deb [signed-by=$KEYFILE] $CRIU_REPO/ /" > /etc/apt/sources.list.d/criu.list \
    12    && apt-get update \
    13    && apt-get install -y --no-install-recommends \
    14        build-essential \
    15        criu \
    16        gcc-aarch64-linux-gnu libc-dev-arm64-cross \
    17        gcc-arm-linux-gnueabi libc-dev-armel-cross \
    18        gcc-arm-linux-gnueabihf libc-dev-armhf-cross \
    19        gcc-powerpc64le-linux-gnu libc-dev-ppc64el-cross \
    20        gcc-s390x-linux-gnu libc-dev-s390x-cross \
    21        gcc-riscv64-linux-gnu libc-dev-riscv64-cross \
    22        curl \
    23        gawk \
    24        gcc \
    25        gperf \
    26        iptables \
    27        jq \
    28        kmod \
    29        pkg-config \
    30        python3-minimal \
    31        sshfs \
    32        sudo \
    33        uidmap \
    34    && apt-get clean \
    35    && rm -rf /var/cache/apt /var/lib/apt/lists/* /etc/apt/sources.list.d/*.list
    36
    37# Add a dummy user for the rootless integration tests. While runC does
    38# not require an entry in /etc/passwd to operate, one of the tests uses
    39# `git clone` -- and `git clone` does not allow you to clone a
    40# repository if the current uid does not have an entry in /etc/passwd.
    41RUN useradd -u1000 -m -d/home/rootless -s/bin/bash rootless
    42
    43# install bats
    44ARG BATS_VERSION
    45RUN cd /tmp \
    46    && git clone https://github.com/bats-core/bats-core.git \
    47    && cd bats-core \
    48    && git reset --hard "${BATS_VERSION}" \
    49    && ./install.sh /usr/local \
    50    && rm -rf /tmp/bats-core
    51
    52# install libseccomp
    53ARG LIBSECCOMP_VERSION
    54COPY script/seccomp.sh script/lib.sh /tmp/script/
    55RUN mkdir -p /opt/libseccomp \
    56    && /tmp/script/seccomp.sh "$LIBSECCOMP_VERSION" /opt/libseccomp arm64 armel armhf ppc64le riscv64 s390x
    57ENV LIBSECCOMP_VERSION=$LIBSECCOMP_VERSION
    58ENV LD_LIBRARY_PATH=/opt/libseccomp/lib
    59ENV PKG_CONFIG_PATH=/opt/libseccomp/lib/pkgconfig
    60
    61# Prevent the "fatal: detected dubious ownership in repository" git complain during build.
    62RUN git config --global --add safe.directory /go/src/github.com/opencontainers/runc
    63
    64WORKDIR /go/src/github.com/opencontainers/runc
    65
    66# Fixup for cgroup v2.
    67COPY script/prepare-cgroup-v2.sh /
    68ENTRYPOINT [ "/prepare-cgroup-v2.sh" ]
View as plain text